A government department generates information which should not be disclosed to anyone who works outside of the department. There are many other government departments working within the same building. Which of the following would NOT be an effective control procedure for the generation and distribution of the information within the government department?
A、If working from home, departmental employees must use a memory stick to transfer data, as laptop computers are not allowed to leave the department.
B、All departmental employees must enter non-disclosed and regularly updated passwords to access their computers.
C、All authorised employees must swipe an officially issued, personal identity card at the entrance to the department before they can gain access.
D、All hard copies of confidential information must be shredded at the end of each day or locked overnight in a safe if needed again.
A、If working from home, departmental employees must use a memory stick to transfer data, as laptop computers are not allowed to leave the department.
B、All departmental employees must enter non-disclosed and regularly updated passwords to access their computers.
C、All authorised employees must swipe an officially issued, personal identity card at the entrance to the department before they can gain access.
D、All hard copies of confidential information must be shredded at the end of each day or locked overnight in a safe if needed again.
【参考答案及解析】
A memory stick is much more likely to get mislaid and compromise security than a password protected laptop. It is likely that memory sticks could get lost or that information is left on home computers. In the context of the scenario all the other options are good practice.
A memory stick is much more likely to get mislaid and compromise security than a password protected laptop. It is likely that memory sticks could get lost or that information is left on home computers. In the context of the scenario all the other options are good practice.